From bd9aa06feb41838689ed01f79845bc765f887ae3 Mon Sep 17 00:00:00 2001 From: Steffan Karger Date: Thu, 1 Jan 2015 20:46:09 +0100 Subject: Add option to disable Diffie Hellman key exchange by setting '--dh none' As requested on the mailing list and in trac ticket #410, add an option to disable 'traditional' Diffie Hellman key exchange. People want to be able to create ecdh-only configurations. This patch also disables RSA key exchange by default for OpenSSL builds, to prevent that people who set "--dh none" but have an OpenSSL version that doesn't support ECDH end up with a less secure connection. Note that users that specify their own --tls-cipher override these defaults and thus can still use whatever OpenSSL supports (and might thus end up with less secure connections). PolarSSL does not allow to easily disable RSA key exchange during runtime, but its default compile options do not include RSA key exchange based cipher suites. Finally update the manpage to reflect the new behaviour, and while touching it change the text to motivate users towards a more secure configuration. v2 - disable RSA key exchange by default Signed-off-by: Steffan Karger Acked-by: Arne Schwabe Message-Id: <1420141569-11773-1-git-send-email-steffan@karger.me> URL: http://article.gmane.org/gmane.network.openvpn.devel/9376 Signed-off-by: Gert Doering --- src/openvpn/options.c | 14 ++++++++++---- src/openvpn/ssl.c | 6 +++++- src/openvpn/ssl_openssl.c | 2 +- 3 files changed, 16 insertions(+), 6 deletions(-) (limited to 'src/openvpn') diff --git a/src/openvpn/options.c b/src/openvpn/options.c index f6e0855..4ea03d1 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -2134,10 +2134,6 @@ options_postprocess_verify_ce (const struct options *options, const struct conne (options->shared_secret_file != NULL) > 1) msg (M_USAGE, "specify only one of --tls-server, --tls-client, or --secret"); - if (options->tls_server) - { - notnull (options->dh_file, "DH file (--dh)"); - } if (options->tls_server || options->tls_client) { #ifdef ENABLE_PKCS11 @@ -2497,6 +2493,16 @@ options_postprocess_mutate (struct options *o) for (i = 0; i < o->connection_list->len; ++i) options_postprocess_mutate_ce (o, o->connection_list->array[i]); +#ifdef ENABLE_CRYPTO + if (o->tls_server) + { + /* Check that DH file is specified, or explicitly disabled */ + notnull (o->dh_file, "DH file (--dh)"); + if (streq (o->dh_file, "none")) + o->dh_file = NULL; + } +#endif + #if ENABLE_MANAGEMENT if (o->http_proxy_override) options_postprocess_http_proxy_override(o); diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c index 9cc11fc..0bca28d 100644 --- a/src/openvpn/ssl.c +++ b/src/openvpn/ssl.c @@ -242,6 +242,7 @@ static const tls_cipher_name_pair tls_cipher_name_translation_table[] = { {"EDH", "EDH"}, {"EXP", "EXP"}, {"RSA", "RSA"}, + {"kRSA", "kRSA"}, {"SRP", "SRP"}, #endif {NULL, NULL} @@ -483,7 +484,10 @@ init_ssl (const struct options *options, struct tls_root_ctx *new_ctx) if (options->tls_server) { tls_ctx_server_new(new_ctx); - tls_ctx_load_dh_params(new_ctx, options->dh_file, options->dh_file_inline); + + if (options->dh_file) + tls_ctx_load_dh_params(new_ctx, options->dh_file, + options->dh_file_inline); } else /* if client */ { diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c index ea3c99a..48c0571 100644 --- a/src/openvpn/ssl_openssl.c +++ b/src/openvpn/ssl_openssl.c @@ -234,7 +234,7 @@ tls_ctx_restrict_ciphers(struct tls_root_ctx *ctx, const char *ciphers) if (ciphers == NULL) { /* Use sane default (disable export, and unsupported cipher modes) */ - if(!SSL_CTX_set_cipher_list(ctx->ctx, "DEFAULT:!EXP:!PSK:!SRP")) + if(!SSL_CTX_set_cipher_list(ctx->ctx, "DEFAULT:!EXP:!PSK:!SRP:!kRSA")) crypto_msg (M_FATAL, "Failed to set default TLS cipher list."); return; } -- cgit